ENGLISH

· The purposes of its collection and use of the user's personal information.

· The items of the user's personal information that it intends to collect.

· The period of time during which it intends to retain, possess, and use the user's personal information.

· In the event that collection of the user's personal information is necessary to performing the contract on the provision of information and communications services, but where it is obviously difficult to obtain the user's consent in the ordinary way due to economic or technical reasons.

· In the event that it is necessary to settling the payment of charges for the information and communication services rendered.

· In the event that a specific provision in other Acts requires otherwise.

· A person who collects a user's personal information without the consent of the user shall be punished by imprisonment with prison labor for not more than 5 years or by a fine not exceeding 50 million Won (Subparagraph 4-5 of Article 71 of the 「Personal Information Protection Act」).

· Other than the cases falling under any of the following, a provider of information and communications services may not collect and use its users’ resident registration numbers (Article 23-2(1) of the 「Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.」):

√ In cases where the provider is designated as the identification service agency.

√ When a telecommunications service provider who receives and resells mobile communication services from a key communication service provider collects and uses the user's resident registration number in connection with the identification of the mobile communication service provider designated as the identity verification agency

· A provider of information and communications services shall provide a method (alternative means) of identification without using its users' resident identification numbers (Article 23-2(2) of the 「Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.」).

· The fact that the users' personal information is due to be transferred.

· The name (referring to the name of a legal corporation, if the business person or entity in question is a legal corporation), address, and telephone number of the person or entity to whom the personal information is to be transferred, and other contact information of that person or entity.

· The methods and procedures available, in the event that a user does not want his/her personal information to be transferred to a third party.

· A person or entity that violates the foregoing shall be punished by a fine not exceeding 10 million Won (Subparagraph 6 of Article 75(4) of the 「Personal Information Protection Act」).

· A person who fails to provide methods of withdrawing consent regarding personal information in violation thereof shall be subject to a fine not exceeding 30 million won (Subparagraph 12-5 of Article 75(2) of the 「Personal Information Protection Act」).

· Any person or entity that seeks mediation of a dispute over personal information may address an application for mediation to the PICO (Article 43(1) of the 「Personal Information Protection Act」).

· When the PICO receives an application for mediation of a dispute, it may present the details thereof to the parties to a case and recommend them to reach an amicable agreement prior to mediation. Where it is deemed necessary to efficiently meditate disputes, the PICO may establish a mediation division composed of not more than five members in each category of mediation cases. The PICO shall examine a case and prepare a proposed mediation within 60 days (this period may be extended, if any unavoidable cause exists.) of the date it receives an application for mediation of a dispute. Upon preparing a proposed mediation, the PICO shall present the proposed mediation to each party without delay (Articles 40(6), 44(1), 46 and 47(2) of the 「Personal Information Protection Act」).

· When the parties to a dispute in receipt of a proposed mediation fail to inform the PICO of their acceptance of the proposed mediation within 15 days of the date on which they receive it, the proposed mediation shall be deemed to have been rejected (Article 47(3) of the 「Personal Information Protection Act」).

· If the PICO deems that it is inappropriate to settle a dispute by mediation of the Committee in light of the nature of the dispute or if an application for mediation has been filed for any unjust purpose, it may reject the application for mediation. In such cases, it shall notify the applicant of the grounds for its rejection of the application for mediation and other related matters (Article 48(1) of the 「Personal Information Protection Act」).

· If a party to a dispute files a lawsuit while proceedings of a case filed for mediation are still in progress, the PICO shall suspend the mediation proceedings and notify the parties thereof (Article 48(2) of the 「Personal Information Protection Act」).

· Here, “damage” includes property and mental damage. Generally, the amount of damage is set through an agreement made by the relevant parties or by the court’s judgment.